<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity {
	/**
	 * User login error infomation for banned or deleted
	 */
	const ERROR_STATUS_PREVENTED = 3; 

	/**
	 * Authenticates a user.
	 * The example implementation makes sure if the username and password
	 * are both 'demo'.
	 * In practical applications, this should be changed to authenticate
	 * against some persistent user identity storage (e.g. database).
	 * @return boolean whether authentication succeeds.
	 */
	public function authenticate() {
		$currentUser = AdUserRecord::model()->find('user_name=:userName', array(':userName' => $this->username));
		if (!isset($currentUser))
			$this->errorCode =self::ERROR_USERNAME_INVALID;
		else if ($currentUser->password != md5($this->password))
			$this->errorCode = self::ERROR_PASSWORD_INVALID;
		else if ($currentUser->status == UserConstant::USER_STATUS_DISABLED)
			$this->errorCode = self::ERROR_STATUS_PREVENTED;
		else {
			$this->errorCode = self::ERROR_NONE;
			Yii::app()->user->setState('role', $currentUser->role); // Assign the role to user
		}
			
		return $this->errorCode;
	}
}